Jump to content

Black hat (computer security)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 216.207.176.186 (talk) at 18:09, 28 November 2022 (CE for tone). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

A Black Hat (Black Hat Hacker or Blackhat)[1] is a computer hacker who usually violates laws or typical ethical standards. The term came into use in the 1950s, when bad guys wore black hats and good guys wore white hats. Black hat hackers aim to hack into any system for their own profit or out of malice. Black hat is contrasted with white hat. A third category is sometimes added, the gray hat, who hacks with good intentions but at times without permission.[2]

History

Countries initially affected in WannaCry ransomware attack

The terms "Black hat" come from the color scheme used in westerns from the 1950s, in which the bad guys wore black hats, and the good guys wore white or other light colors. Criminals who intentionally enter computer networks are known as "black hat hackers".[3] They may also distribute malware that steals passwords, credit card numbers, and other personal information, holds computers hostage, or destroys files. Even though hacking has become an important tool for governments to gather intelligence, Black Hats still tend to work alone or with organized crime groups to make easy money.[4]

One example is the WannaCry ransomware that was released in May 2017. Around 400,000 computers in 150 countries were infected by it in the first two weeks of its release. Decryption tools were made available by security experts within days of WannaCry's appearance, limiting extortion payments to approximately $120,000, or slightly more than 1% of the potential haul.[5]

Black hat hackers, like all hackers, usually know a lot about getting into computer networks and getting around security protocols. They also create malware, which is software that lets them access computer networks, monitor their victims' online activities, or lock their victims' devices. Black hat hackers can be involved in cyber espionage or protest, in addition to pursuing personal or financial gain. [6]Cybercrime may be an addictive experience for some. Black hat hackers can be novices just getting their feet wet by spreading malware to experienced criminals who steal data, particularly login credentials, financial information, and personal information. This information is then sold by many on the dark web. Other hackers modify or destroy data in addition to stealing it. The big data breaches that make headlines every year are the work of black hat hackers. In a data breach, hackers steal the credit card, login, and Social Security numbers of customers, patients, and constituents, as well as their financial and personal information. The hackers can then use this information to smear a business or government agency, sell it on the dark web, or extort money from businesses, government agencies, or individuals.[7] The United States experienced a record number of 1,862 data breaches in 2021, according to the Identity Theft Resource Center's 2021 Data Breach Report. Data breaches have been on the rise for some time. From 2013 to 2014, black hat hackers broke into Yahoo and stole 3 billion customer records, possibly the largest ever.In addition, adult website Adult Friend Finder was hacked in October 2016 and over 412 million customer records were taken. A data breach that occurred between May and July of 2017 exposed more than 145 million customer records, making national credit bureau Equifax another victim of black hat hackers.[8]

Strategy

Concealing Substance

One of the most famous black hat methods is to utilize nasty "entryway pages," which are intended for watchwords just, and accordingly, the substance of these entryway pages is stowed away from both the clients and the web indexes. Doorway pages are designed to deceive search engines so that they cannot index or rank your website for keywords or phrases that are synonymous.

Keyword Stuffing

Another form of black hat SEO is known as keyword stuffing, which involves repeatedly using the same keywords to try to trick search engines. The homepage and the meta keywords tag are two examples of webpages where this can be done. It is a tactic that involves using irrelevant keywords on a webpage to make it appear more relevant for particular keywords, deceiving people who visit the site looking for information that will help them with their problems.[9]

This occurs when multiple websites or pages link to your website. This is done in order to profit from the Pay-Per-Click (PPC) advertisements on these websites or pages. The issue is that the links only point to your website because it promises something in return, when in fact they are only there to increase traffic to another page you own and its popularity. These websites are unethical and will damage the credibility of the other pages you worked so hard on, possibly reducing your income potential.

Shrouding

Shrouding is the point at which you show different substance to clients and web search tools. Your website will appear to users as it is, but search engines will be presented with a different piece of content that is not as relevant to the content itself. This is done to boost a website's visibility in search results.

Spamdexing

Spamdexing is a form of black hat SEO that involves using software to inject backlinks into search engine results. This is done solely for the purpose of raising a website's page rank, or ranking in search engines, which results in thousands of backlinks.

Redirects that are unethical

A redirect link is considered unethical if it takes the user to a webpage that is not the one that is indicated in the link. For instance, it is unethical to have a link that should take the user to the website "XYZ," but instead takes them to "ABC." Users are tricked into following the path you want them to take by clicking on this link, even though they might not be interested in the website they land on.

Legality in UK

Even though the death penalty has been abolished in the United Kingdom for a long time, the black cap is still part of a judge's official regalia. When full ceremonial dress is required, each sitting judge brings it into the High Court of Justice. On November 9 of each year, when the Law Courts present the new Lord Mayor of the City of London, it is worn. Additionally, a judge of the High Court of Northern Ireland wears it as part of their regalia.[10]

Examples of famous Black Hats

  • Kevin Mitnick
    Kevin Mitnick is one of the most well-known black hat hackers. At one point, he was the most wanted cybercriminal in the world. He hacked into over forty major corporations, including Motorola and IBM, and even the US National Defense warning system as a black hat hacker. He was then taken into custody and incarcerated. He became a cybersecurity consultant after his release, utilizing his hacking expertise for white hat hacking.[11]
  • Vladimir Leonidovich Levin is a Russian Hacker of genius proportions. In 1994 while working with a dial-up connection and a laptop from Saint Petersburg, Apartment he accessed the accounts of several large corporate customers of Citibank stealing USD 10.7 million. He ended up spending three years in jail. However, in 2005, an anonymous hacker group came claiming that they were the ones truly responsible for the theft and that they only sold Vladimir the data needed to steal the money.[citation needed]

Other Types of Hacker Hat

White Hat

  • An ethical security hacker is referred to as a white hat, or white-hat hacker. The term "ethical hacking" is meant to mean more than just penetration testing. White-hat hackers aim to discover any flaws in the current system with the owner's permission. The black hat, a malicious hacker, is contrasted with the white hat. This definitional distinction originates from Western films, where heroic and antagonistic cowboys typically don black and white hats. A third type of hacker, known as a "grey hat," hacks with good intentions and occasionally without permission.[12] Teams known as "sneakers and/or hacker clubs," "red teams," or "tiger teams" are also common among white-hat hackers.[citation needed]

Gray Hat

  • An expert in computer security or a computer hacker known as a "grey hat" typically does not have the malicious intent of a "black hat" hacker, despite the fact that they may occasionally violate laws or common ethical standards. The ideas of "white hat" and "black hat" hackers led to the use of the term at the end of the 1990s. While the black hat will illegally exploit a vulnerability and/or instruct others on how to do so, a white hat hacker will only exploit it with permission and will not reveal its existence until it has been fixed. It will not be illegally exploited by the grey hat, nor will it instruct others on how to do so. Another difference between these types of hackers is how they find vulnerabilities. The black hat will break into any system or network in order to uncover sensitive information for personal gain, whereas the white hat does so at the request of their employer or with explicit permission to determine how secure it is against hackers. The grey hat typically possesses the white hat's skills and intentions, but it will enter any system or network without permission.[13]

See also

References

  1. ^ "What is a Black-Hat hacker?". www.kaspersky.com. 2022-02-09. Retrieved 2022-11-27.
  2. ^ testovaniebezpecnosti (2017-11-10). "Hackers are not just the bad guys – brief history and classification". HackTrophy (in Slovak). Retrieved 2022-11-27.
  3. ^ "Black hat, White hat, and Gray hat hackers – Definition and Explanation". www.kaspersky.com. 2022-05-11. Retrieved 2022-11-27.
  4. ^ "What is a Black-Hat hacker?". www.kaspersky.com. 2022-02-09. Retrieved 2022-11-27.
  5. ^ "What is WannaCry ransomware?". www.kaspersky.com. 2022-02-09. Retrieved 2022-11-27.
  6. ^ "What is a black hat hacker?". SearchSecurity. Retrieved 2022-11-27.
  7. ^ Espinosa, Christian (2018-03-09). "Black Hat vs White Hat Hackers". Alpine Security. Retrieved 2022-11-27.
  8. ^ "Biggest Data Breaches in US History [Updated 2022] | UpGuard". www.upguard.com. Retrieved 2022-11-27.
  9. ^ "Black hat SEO". Twaino. 2022-06-06. Retrieved 2022-11-27.
  10. ^ Guide, Hat (2021-10-15). "Black Cap". Hat Guide. Retrieved 2022-11-27.
  11. ^ Greenberg, Andy. "Kevin Mitnick, Once the World's Most Wanted Hacker, Is Now Selling Zero-Day Exploits". Wired. ISSN 1059-1028. Retrieved 2022-11-27.
  12. ^ "What is an ethical hacker and what does the work entail?". SearchSecurity. Retrieved 2022-11-27.
  13. ^ Luciano, Michael (2018-09-05). "What Are the Three Types of Hackers?". Design World. Retrieved 2022-11-27.